hxxps://static-tracking[.]klaviyo[.]com/onsite/js/static[.]500134348b1f0969ffe3[.]js?cb=1

Resubmissions

27-04-2024 22:03

240427-1yt8gahh2w 4

Analysis

max time kernel
36s
max time network
70s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
27-04-2024 22:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1

Score

4^/10

antivm

Malware Config

Signatures

Changes its process name 64 IoCs

Processes:

firefox

description	ioc	pid
Changes the process name, possibly in an attempt to hide itself	gmain	1780
Changes the process name, possibly in an attempt to hide itself	gdbus	1788
Changes the process name, possibly in an attempt to hide itself	glean.dispatche	1791
Changes the process name, possibly in an attempt to hide itself	IPC I/O Parent	1795
Changes the process name, possibly in an attempt to hide itself	IPC I/O Parent	1795
Changes the process name, possibly in an attempt to hide itself	IPC I/O Parent	1795
Changes the process name, possibly in an attempt to hide itself	Timer	1890
Changes the process name, possibly in an attempt to hide itself	Netlink Monitor	1891
Changes the process name, possibly in an attempt to hide itself	Socket Thread	1892
Changes the process name, possibly in an attempt to hide itself	Timer	1890
Changes the process name, possibly in an attempt to hide itself	Netlink Monitor	1891
Changes the process name, possibly in an attempt to hide itself	Socket Thread	1892
Changes the process name, possibly in an attempt to hide itself	IPDL Background	1895
Changes the process name, possibly in an attempt to hide itself	IPDL Background	1895
Changes the process name, possibly in an attempt to hide itself	Backgro~Pool #1	1897
Changes the process name, possibly in an attempt to hide itself	Backgro~Pool #1	1897
Changes the process name, possibly in an attempt to hide itself	HTML5 Parser	1903
Changes the process name, possibly in an attempt to hide itself	HTML5 Parser	1903
Changes the process name, possibly in an attempt to hide itself	pool-firefox	1915
Changes the process name, possibly in an attempt to hide itself	pool-firefox	1916
Changes the process name, possibly in an attempt to hide itself	JS Watchdog	1922
Changes the process name, possibly in an attempt to hide itself	JS Watchdog	1922
Changes the process name, possibly in an attempt to hide itself	BGReadURLs	1930
Changes the process name, possibly in an attempt to hide itself	BGReadURLs	1930
Changes the process name, possibly in an attempt to hide itself	Cache2 I/O	1944
Changes the process name, possibly in an attempt to hide itself	Cookie	1945
Changes the process name, possibly in an attempt to hide itself	Cookie	1945
Changes the process name, possibly in an attempt to hide itself	glxtest:disk$0	1958
Changes the process name, possibly in an attempt to hide itself	StreamTrans #1	1973
Changes the process name, possibly in an attempt to hide itself	StreamTrans #1	1973
Changes the process name, possibly in an attempt to hide itself	TaskCon~ller #1	1978
Changes the process name, possibly in an attempt to hide itself	TaskCon~ller #0	1977
Changes the process name, possibly in an attempt to hide itself	BgIOThr~Pool #1	1981
Changes the process name, possibly in an attempt to hide itself	BgIOThr~Pool #1	1981
Changes the process name, possibly in an attempt to hide itself	StreamTrans #2	2014
Changes the process name, possibly in an attempt to hide itself	StreamTrans #2	2014
Changes the process name, possibly in an attempt to hide itself	QuotaManager IO	2032
Changes the process name, possibly in an attempt to hide itself	QuotaManager IO	2032
Changes the process name, possibly in an attempt to hide itself	IndexedDB #1	2033
Changes the process name, possibly in an attempt to hide itself	IndexedDB #1	2033
Changes the process name, possibly in an attempt to hide itself	IPC Launch	2036
Changes the process name, possibly in an attempt to hide itself	IPC Launch	2036
Changes the process name, possibly in an attempt to hide itself	SandboxReporter	2035
Changes the process name, possibly in an attempt to hide itself	SandboxReporter	2035
Changes the process name, possibly in an attempt to hide itself	Breakpad Server	2034
Changes the process name, possibly in an attempt to hide itself	Sandbox Forked	2037
Changes the process name, possibly in an attempt to hide itself	DOM Worker	2038
Changes the process name, possibly in an attempt to hide itself	DOM Worker	2038
Changes the process name, possibly in an attempt to hide itself	Chroot Helper	2039
Changes the process name, possibly in an attempt to hide itself	MainThread	2037	firefox
Changes the process name, possibly in an attempt to hide itself	IPC I/O Child	2041
Changes the process name, possibly in an attempt to hide itself	IPC I/O Child	2041
Changes the process name, possibly in an attempt to hide itself	IPC I/O Child	2041
Changes the process name, possibly in an attempt to hide itself	Socket Process	2037	firefox
Changes the process name, possibly in an attempt to hide itself	Backgro~Pool #1	2042
Changes the process name, possibly in an attempt to hide itself	Backgro~Pool #1	2042
Changes the process name, possibly in an attempt to hide itself	Socket Thread	2043
Changes the process name, possibly in an attempt to hide itself	Socket Thread	2043
Changes the process name, possibly in an attempt to hide itself	FSBroker2037	2044
Changes the process name, possibly in an attempt to hide itself	FSBroker2037	2044
Changes the process name, possibly in an attempt to hide itself	Timer	2045
Changes the process name, possibly in an attempt to hide itself	Timer	2045
Changes the process name, possibly in an attempt to hide itself	ProfilerChild	2046
Changes the process name, possibly in an attempt to hide itself	ProfilerChild	2046

Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
antivm

Virtualization/Sandbox Evasion
T1497

Processes:

firefox

description ioc process

File opened for reading /proc/cpuinfo firefox

description	ioc	process
File opened for reading	/proc/cpuinfo	firefox

Reads CPU attributes 1 TTPs 10 IoCs

System Information Discovery

T1082

Processes:

firefoxfirefoxfirefoxfirefoxfirefoxnautilusfirefox

description	ioc	process
File opened for reading	/sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq	firefox
File opened for reading	/sys/devices/system/cpu/cpu0/cache/index3/size	firefox
File opened for reading	/sys/devices/system/cpu/present	firefox
File opened for reading	/sys/devices/system/cpu/present	firefox
File opened for reading	/sys/devices/system/cpu/present	firefox
File opened for reading	/sys/devices/system/cpu/cpu0/cache/index2/size	firefox
File opened for reading	/sys/devices/system/cpu/present	firefox
File opened for reading	/sys/devices/system/cpu/present	firefox
File opened for reading	/sys/devices/system/cpu/online	nautilus
File opened for reading	/sys/devices/system/cpu/present	firefox

Enumerates kernel/hardware configuration 1 TTPs 64 IoCs

Reads contents of /sys virtual filesystem to enumerate system information.

System Information Discovery

T1082

Processes:

glxtestfirefoxdbus-daemonfirefoxfirefoxfirefoxfirefoxfirefox

description	ioc	process
File opened for reading	/sys/bus/pci/devices/0000:00:00.0/class	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:03.0/vendor	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:06.0/vendor	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:04.0/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:03.0/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.1/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:06.0/irq	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:02.0/irq	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:05.0/irq	glxtest
File opened for reading	/sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor	glxtest
File opened for reading	/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us	firefox
File opened for reading	/sys/kernel/security/apparmor/features/dbus/mask	dbus-daemon
File opened for reading	/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us	firefox
File opened for reading	/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us	firefox
File opened for reading	/sys/bus/pci/devices/0000:00:01.1/vendor	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:05.0/vendor	glxtest
File opened for reading	/sys/devices/system/cpu	firefox
File opened for reading	/sys/bus/pci/devices/0000:00:03.0/class	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:04.0/irq	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:04.0/class	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:00.0/irq	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:05.0/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.0/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.3/irq	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.3/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.3/vendor	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:06.0/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:00.0/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:02.0/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:02.0/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:05.0/class	glxtest
File opened for reading	/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us	firefox
File opened for reading	/sys/bus/pci/devices/0000:00:01.0/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:02.0/class	glxtest
File opened for reading	/sys/devices/pci0000:00/0000:00:02.0/uevent	glxtest
File opened for reading	/sys/devices/pci0000:00/0000:00:02.0/vendor	glxtest
File opened for reading	/sys/devices/system/cpu	firefox
File opened for reading	/sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us	firefox
File opened for reading	/sys/bus/pci/devices/0000:00:01.1/device	glxtest
File opened for reading	/sys/devices/system/cpu	firefox
File opened for reading	/sys/devices/pci0000:00/0000:00:02.0/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.1/class	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:02.0/vendor	glxtest
File opened for reading	/sys/devices/system/cpu	firefox
File opened for reading	/sys/devices/system/cpu	glxtest
File opened for reading	/sys/devices/system/cpu	firefox
File opened for reading	/sys/bus/pci/devices/0000:00:01.0/vendor	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.3/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.1/irq	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:06.0/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:04.0/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.0/class	glxtest
File opened for reading	/sys/devices/system/cpu	firefox
File opened for reading	/sys/bus/pci/devices	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:03.0/resource	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:03.0/irq	glxtest
File opened for reading	/sys/devices/pci0000:00/0000:00:02.0/subsystem_device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.0/irq	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:00.0/vendor	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:01.3/class	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:04.0/vendor	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:06.0/class	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:05.0/device	glxtest
File opened for reading	/sys/bus/pci/devices/0000:00:00.0/device	glxtest

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

Processes:

seddbus-sendfirefoxgvfsd-fusefirefoxdbus-daemonfirefoxdbus-sendgvfsdfirefoxseddconf-servicesedglxtestfirefoxsednautilusfirefoxgvfsd-trash

description	ioc	process
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/self/fd	dbus-send
File opened for reading	/proc/self/fd/30	firefox
File opened for reading	/proc/filesystems	firefox
File opened for reading	/proc/filesystems	gvfsd-fuse
File opened for reading	/proc/self/fd/74	firefox
File opened for reading	/proc/self/fd/73	firefox
File opened for reading	/proc/self/cgroup	firefox
File opened for reading	/proc/2069/cmdline	dbus-daemon
File opened for reading	/proc/2086/cmdline	dbus-daemon
File opened for reading	/proc/mounts	dbus-daemon
File opened for reading	/proc/filesystems	firefox
File opened for reading	/proc/2231/statm	firefox
File opened for reading	/proc/self/fd	dbus-send
File opened for reading	/proc/self/fd/52	firefox
File opened for reading	/proc/filesystems	gvfsd
File opened for reading	/proc/self/maps	firefox
File opened for reading	/proc/self/fd/47	firefox
File opened for reading	/proc/self/fd/44	firefox
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/self/fd/10	firefox
File opened for reading	/proc/2060/cmdline	dbus-daemon
File opened for reading	/proc/self/stat	firefox
File opened for reading	/proc/filesystems	firefox
File opened for reading	/proc/1504/cmdline	dbus-daemon
File opened for reading	/proc/self/fd	firefox
File opened for reading	/proc/2184/statm	firefox
File opened for reading	/proc/2231/smaps	firefox
File opened for reading	/proc/2146/smaps	firefox
File opened for reading	/proc/1487/attr/current	dbus-daemon
File opened for reading	/proc/self/cgroup	firefox
File opened for reading	/proc/2093/cmdline	dbus-daemon
File opened for reading	/proc/cmdline	dconf-service
File opened for reading	/proc/2146/statm	firefox
File opened for reading	/proc/self/task/1606/stat	firefox
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/filesystems	glxtest
File opened for reading	/proc/self/fd	gvfsd
File opened for reading	/proc/self/stat	firefox
File opened for reading	/proc/self/task/2153/stat	firefox
File opened for reading	/proc/self/fd/43	firefox
File opened for reading	/proc/2065/cmdline	dbus-daemon
File opened for reading	/proc/filesystems	dbus-daemon
File opened for reading	/proc/filesystems	sed
File opened for reading	/proc/2120/statm	firefox
File opened for reading	/proc/self/fd/32	firefox
File opened for reading	/proc/self/maps	firefox
File opened for reading	/proc/filesystems	nautilus
File opened for reading	/proc/self/cgroup	firefox
File opened for reading	/proc/filesystems	dconf-service
File opened for reading	/proc/sys/kernel/cap_last_cap	dbus-daemon
File opened for reading	/proc/self/fd/50	firefox
File opened for reading	/proc/self/cgroup	firefox
File opened for reading	/proc/self/task/2235/stat	firefox
File opened for reading	/proc/self/fd/51	firefox
File opened for reading	/proc/self/stat	firefox
File opened for reading	/proc/self/task/2125/stat	firefox
File opened for reading	/proc/self/fd/87	firefox
File opened for reading	/proc/self/mountinfo	firefox
File opened for reading	/proc/self/fd/41	firefox
File opened for reading	/proc/2079/cmdline	dbus-daemon
File opened for reading	/proc/self/mountinfo	gvfsd-trash
File opened for reading	/proc/self/task/2040/stat	firefox
File opened for reading	/proc/2111/cmdline	dbus-daemon

Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.

Processes:

firefox

description ioc process

File opened for modification /tmp/firefox/.parentlock firefox

description	ioc	process
File opened for modification	/tmp/firefox/.parentlock	firefox

/usr/bin/xdg-open
xdg-open "https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1"
1⤵
PID:1472
- /usr/bin/dbus-send
  dbus-send --print-reply "--dest=org.freedesktop.DBus" /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager
  2⤵
  - Reads runtime system information
  PID:1473
- - /usr/bin/dbus-launch
    dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr
    3⤵
    PID:1474
  - - /usr/bin/dbus-daemon
      /usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session
      4⤵
      Enumerates kernel/hardware configuration
      Reads runtime system information
      PID:1479
    - - /usr/libexec/xdg-desktop-portal
        
        /usr/libexec/xdg-desktop-portal
        5⤵
        
        PID:2060
    - - /usr/libexec/xdg-document-portal
        
        /usr/libexec/xdg-document-portal
        5⤵
        
        PID:2065
    - - /usr/libexec/xdg-permission-store
        
        /usr/libexec/xdg-permission-store
        5⤵
        
        PID:2069
    - - /usr/libexec/xdg-desktop-portal-gtk
        
        /usr/libexec/xdg-desktop-portal-gtk
        5⤵
        
        PID:2079
    - - /usr/libexec/gvfsd
        
        /usr/libexec/gvfsd
        5⤵
        Reads runtime system information
        
        PID:2086
      - /usr/libexec/gvfsd-trash
        
        /usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0
        6⤵
        Reads runtime system information
        
        PID:2111
    - - /usr/libexec/dconf-service
        
        /usr/libexec/dconf-service
        5⤵
        Reads runtime system information
        
        PID:2103
    - - /usr/bin/nautilus
        
        /usr/bin/nautilus --gapplication-service
        5⤵
        Reads CPU attributes
        Reads runtime system information
        
        PID:2108
- /usr/bin/grep
  grep " = \\\"xfce4\\\"\$"
  2⤵
  PID:1489
- /usr/bin/xprop
  xprop -root _DT_SAVE_MODE
  2⤵
  PID:1488
- /usr/bin/grep
  grep -i "^xfce_desktop_window"
  2⤵
  PID:1492
- /usr/bin/xprop
  xprop -root
  2⤵
  PID:1491
- /usr/bin/grep
  grep -q "^Enlightenment"
  2⤵
  PID:1494
- /usr/bin/uname
  uname
  2⤵
  PID:1495
- /usr/bin/grep
  grep -q "^file://"
  2⤵
  PID:1497
- /usr/bin/egrep
  egrep -q "^[[:alpha:]+\\.\\-]+:"
  2⤵
  PID:1499
- /usr/local/sbin/grep
  grep -E -q "^[[:alpha:]+\\.\\-]+:"
  2⤵
  PID:1499
- /usr/local/bin/grep
  grep -E -q "^[[:alpha:]+\\.\\-]+:"
  2⤵
  PID:1499
- /usr/sbin/grep
  grep -E -q "^[[:alpha:]+\\.\\-]+:"
  2⤵
  PID:1499
- /usr/bin/grep
  grep -E -q "^[[:alpha:]+\\.\\-]+:"
  2⤵
  PID:1499
- /usr/bin/sed
  sed -n "s/\$^[[:alnum:]+\\.-]*\$:.*\$/\\1/p"
  2⤵
  - Reads runtime system information
  PID:1502
- /usr/bin/xdg-mime
  xdg-mime query default x-scheme-handler/https
  2⤵
  PID:1503
- - /usr/bin/dbus-send
    dbus-send --print-reply "--dest=org.freedesktop.DBus" /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager
    3⤵
    - Reads runtime system information
    PID:1504
  - - /usr/bin/dbus-launch
      dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr
      4⤵
      PID:1505
- - /usr/bin/grep
    grep " = \\\"xfce4\\\"\$"
    3⤵
    PID:1507
- - /usr/bin/xprop
    xprop -root _DT_SAVE_MODE
    3⤵
    PID:1506
- - /usr/bin/grep
    grep -i "^xfce_desktop_window"
    3⤵
    PID:1509
- - /usr/bin/xprop
    xprop -root
    3⤵
    PID:1508
- - /usr/bin/grep
    grep -q "^Enlightenment"
    3⤵
    PID:1511
- - /usr/bin/uname
    uname
    3⤵
    PID:1512
- - /usr/bin/sed
    sed "s/:/ /g"
    3⤵
    - Reads runtime system information
    PID:1515
- - /usr/bin/head
    head -n 1
    3⤵
    PID:1518
- - /usr/bin/grep
    grep "x-scheme-handler/https=" /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache
    3⤵
    PID:1517
- - /usr/bin/cut
    cut -d "=" -f 2
    3⤵
    PID:1519
- - /usr/bin/cut
    cut -d ";" -f 1
    3⤵
    PID:1520
- - /usr/bin/head
    head -n 1
    3⤵
    PID:1523
- - /usr/bin/cut
    cut -d ";" -f 1
    3⤵
    PID:1525
- - /usr/bin/cut
    cut -d "=" -f 2
    3⤵
    PID:1524
- - /usr/bin/grep
    grep "x-scheme-handler/https=" /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache
    3⤵
    PID:1522
- - /usr/bin/head
    head -n 1
    3⤵
    PID:1528
- - /usr/bin/cut
    cut -d ";" -f 1
    3⤵
    PID:1530
- - /usr/bin/cut
    cut -d "=" -f 2
    3⤵
    PID:1529
- - /usr/bin/grep
    grep "x-scheme-handler/https=" /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache
    3⤵
    PID:1527
- - /usr/bin/cut
    cut -d ";" -f 1
    3⤵
    PID:1535
- - /usr/bin/cut
    cut -d "=" -f 2
    3⤵
    PID:1534
- - /usr/bin/head
    head -n 1
    3⤵
    PID:1533
- - /usr/bin/grep
    grep "x-scheme-handler/https=" /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache
    3⤵
    PID:1532
- - /usr/bin/cut
    cut -d ";" -f 1
    3⤵
    PID:1540
- - /usr/bin/cut
    cut -d "=" -f 2
    3⤵
    PID:1539
- - /usr/bin/head
    head -n 1
    3⤵
    PID:1538
- - /usr/bin/grep
    grep "x-scheme-handler/https=" /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache
    3⤵
    PID:1537
- /usr/bin/sed
  sed "s/:/ /g"
  2⤵
  - Reads runtime system information
  PID:1543
- /usr/bin/sed
  sed -e "s|-|/|"
  2⤵
  PID:1546
- /usr/bin/sed
  sed -e "s|-|/|"
  2⤵
  - Reads runtime system information
  PID:1551
- /usr/bin/cut
  cut "-d=" -f 2-
  2⤵
  PID:1557
- /usr/bin/which
  which firefox
  2⤵
  PID:1558
- /usr/bin/cut
  cut "-d=" -f 2-
  2⤵
  PID:1561
- /usr/bin/cut
  cut "-d=" -f 2-
  2⤵
  PID:1564
- /usr/bin/cut
  cut "-d=" -f 2-
  2⤵
  PID:1591
- /usr/bin/firefox
  /usr/bin/firefox "https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1"
  2⤵
  PID:1597
- - /usr/bin/which
    which /usr/bin/firefox
    3⤵
    PID:1599
- /usr/lib/firefox/firefox
  /usr/lib/firefox/firefox "https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1"
  2⤵
  - Checks CPU configuration
  - Reads CPU attributes
  - Enumerates kernel/hardware configuration
  - Reads runtime system information
  - Writes file to tmp directory
  PID:1597
- - /usr/local/sbin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:1781
- - /usr/local/bin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:1781
- - /usr/sbin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:1781
- - /usr/bin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:1781
- - /usr/lib/firefox/glxtest
    /usr/lib/firefox/glxtest -f 13
    3⤵
    - Enumerates kernel/hardware configuration
    - Reads runtime system information
    PID:1792
- - /usr/bin/lsb_release
    /usr/bin/lsb_release -idrc
    3⤵
    PID:1923
- - /usr/lib/firefox/firefox
    /usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20252 -prefMapSize 231436 -appDir /usr/lib/firefox/browser "{06b8c0af-ab3b-43c4-b1e4-205d53e18a0f}" 1597 true socket
    3⤵
    - Changes its process name
    - Reads CPU attributes
    - Enumerates kernel/hardware configuration
    - Reads runtime system information
    PID:2037
- - /usr/local/sbin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:2048
- - /usr/local/bin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:2048
- - /usr/sbin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:2048
- - /usr/bin/dbus-launch
    dbus-launch "--autolaunch=4816dd152e8c48ff97e9117d197c13d8" --binary-syntax --close-stderr
    3⤵
    PID:2048
- - /usr/lib/firefox/firefox
    /usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 22702 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{447f51d2-ce31-4aa9-b7a5-7e944b80fc53}" 1597 true tab
    3⤵
    - Reads CPU attributes
    - Enumerates kernel/hardware configuration
    - Reads runtime system information
    PID:2120
- - /usr/lib/firefox/firefox
    /usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 22370 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{b910efb4-6271-4f64-a12c-830a5a6399a0}" 1597 true tab
    3⤵
    - Reads CPU attributes
    - Enumerates kernel/hardware configuration
    - Reads runtime system information
    PID:2146
- - /usr/lib/firefox/firefox
    /usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 22719 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{0ed88733-f986-4926-9853-87c7a9d5ee2c}" 1597 true tab
    3⤵
    - Reads CPU attributes
    - Enumerates kernel/hardware configuration
    - Reads runtime system information
    PID:2184
- - /usr/lib/firefox/firefox
    /usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 28719 -prefMapSize 231436 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser "{cbff0de4-9547-485b-babe-2370b51d728d}" 1597 true tab
    3⤵
    - Reads CPU attributes
    - Enumerates kernel/hardware configuration
    - Reads runtime system information
    PID:2231

/usr/libexec/gvfsd-fuse
/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes
1⤵
- Reads runtime system information
PID:2093

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

System Information Discovery

T1082

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/root/.cache/dconf/user

Filesize
2B

MD5
c4103f122d27677c9db144cae1394a66

SHA1
1489f923c4dca729178b3e3233458550d8dddf29

SHA256
96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7

SHA512
5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/014870A57A510C59F13046485BAB2AF5E13D358D

Filesize
9KB

MD5
fa20212057d8d1e116a2de5bdeae85dd

SHA1
17fac587feab727ced80390461c84c5975baebe0

SHA256
2f3e40d9116f1bee38b7d6cd89723233c57f43190aa291663cc323c4fca47f70

SHA512
31519c9f2acca8d841c01b4a98949701318e1faf1df95643461a7311e46526d6b063d592c67972007642be1dcf614ac959c7dee0241f320079dea9406db2ebf4

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/037778A55E1B7E9BED3390289866D09402D6C913

Filesize
196B

MD5
b3770ee0daf2e60652ce766173ca84c5

SHA1
67e1c8f197d0108949a9ce52c5a7d120a1dbdb27

SHA256
f445f583cbf307c9c7b756b1f5ded02537516f41046ab78a303e2691570b16dd

SHA512
80fbefd7a150e8442e3322d77041168079839139cfefdb69fac4b36fa52cbfefb34af6f6c1a00ac051785f145845749fa6a4e29d7bf1c251c27241ef14cf60cd

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/037778A55E1B7E9BED3390289866D09402D6C913

Filesize
9KB

MD5
231e7e0d95826434dd549025da92cdad

SHA1
b064364b2a7630d3008bf275bcc9c50d3352025e

SHA256
180b721a189fdedd189f4ba46f83d3fcc9371a8a71c2fe980fda1cfd18766861

SHA512
be6c279a3429c225de0327746fbb8954eec202e6188e27fbb279f4c71f1c45e7a7288c91c85d663cfca1b0b6bb13ec875bdb08573fb18675ea36b3fd217ebf7f

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/037778A55E1B7E9BED3390289866D09402D6C913

Filesize
9KB

MD5
06a30c60165bbb2fc5bba51f4699358e

SHA1
9c5012f86debe230ade52743ef44c4f92db491e9

SHA256
9181bacbc43a36c61afac0c432ee7b1b53bc7e96549c534020a5a7046d83c332

SHA512
37fb4cacbca4ebe33acc54e52cd5b079b41e3a5c0e7b52aaad7ce0ec95e900750a473b2b469063b810b7d21216509f54d19a751144a5d323b83025c55101e888

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/039090029E64BC91E87E77199A6A6BE11FC39B6F

Filesize
142B

MD5
27cb84f6d1bf4352fdd261b7f00e8960

SHA1
eccb3e25efd628bcea6d5d11c1b4b713f7a7b64e

SHA256
01bb48d58d9e8dbc0ad93f97282d35563c1ecffe8a1026ce9a1c0b7882618a2c

SHA512
16797934b4aeae62065498b6ab828a9be3875acb4222f39313213dee62a28b3ecab9a88216d7b34d60abd98d372a31f69c0f8de2a52d949ca9cdd83bbd4a5258

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/039090029E64BC91E87E77199A6A6BE11FC39B6F

Filesize
142B

MD5
0ba273f018d74951d0bcf8fd10ed23e6

SHA1
c08f6d91e4ae4ecdd62cc61fdcf6c98765020b59

SHA256
45ab73bee7139eee6d485ac0a0041e26d7faedacbd67f96ebfc6f9a3a77cb2ce

SHA512
639d002b52446d25daf3fc025d09297b8f8d3df4303e2f8f1ac51b06a111dbdbb9a763cb95166d36d0a566ff3b2cdd9731d252dad6c50415b95dec1fed38e294

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/0EDDF8C091E2FED62E44BEDDDC1723F5BF38FE4F

Filesize
102B

MD5
303eb09debc036035fa45dec4914bbbe

SHA1
37daa7d73a8e8614e0203675c676e95a341aaa6b

SHA256
d4b152aa69495bd90022b4ab720f78b37990a6dd5bb9fa2b85e32b98b93fd2a3

SHA512
b0f378f974f5382cd87c6141fd4c1dd49b7a5ce6807b0cb438bbc924309515b8055d81c099f832388cc84af3159ab441c0c8a153463eeacdc2025ff85e027465

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/1611007487CDFCDB9FE43793C68D8984CF7DD7AA

Filesize
9KB

MD5
b0be354f9202ad92245e9f072598ca1d

SHA1
b94928a382cac427b50a5a973ed76100613ee34a

SHA256
7826ed0ad551edc274e594de5f1b581c911ab73091d347cdd32d0d8500213022

SHA512
2f0678e9e01243e8889d0fe2ed5fbd8ffe9063c37cb0a7015a4686a097e73de957faaca39842acac6422688ac2ab3fe3e28d6317433c8176b1550874b51c0dcb

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/1611007487CDFCDB9FE43793C68D8984CF7DD7AA

Filesize
9KB

MD5
ab7eace6b65c104db382fb8f38b773a0

SHA1
5cfb35698abd02136e05b3e97e7215e7c7aab781

SHA256
c91c03bf84786169eeb9efe5d3bfb8d76a8f2368ecb37e5b861f4a9561fb2c68

SHA512
0a2c3d49a5c4f989bc2207dc16102bd89099ffe43ba575cb11a98865bddf53a3ba75f46f5e066ab49001461c82aeed1b8c13e03176df63b4829115da9a97533e

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/298D53A692BA41D0C5CA5AE0806650D73FF83365

Filesize
185B

MD5
490a26634f0dde61523cb041fb47f874

SHA1
2b97fe12267af56ea0cf146966b8df8d20e7164f

SHA256
2473e4e0ab56aff233eb7f86a85a19ce44a1d764770f5bff479f5b6c80aa2020

SHA512
fcf5d653d45f03a034e89151626cce406c517bb4c75e23346c9ef7c230adcc2e7ed022d8be5964d408639eac7dde9615ff6c4cf93d58cba6ad20bb54b030c846

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/298D53A692BA41D0C5CA5AE0806650D73FF83365

Filesize
9KB

MD5
49d2310df387c89c3d8bcf323702fa07

SHA1
6c17f38d128775dc93e0ef425611097c2bea5db3

SHA256
13ee31e7495e31d2547e715d7d31b580e6be71872a9b2bce37324b06fc443253

SHA512
ad3d66d02ebf0cc1011f946cfcceb4ad14cbe74c5bfbd078d82f7df60d68be0004a86a378878e8bc6c4111e8c07dc38d5cce5d56d1aafab5736b478d4d0ded5f

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/298D53A692BA41D0C5CA5AE0806650D73FF83365

Filesize
9KB

MD5
b0f6953aafb5b4f709507d3e64a01edb

SHA1
47829ecee22863775cd8aaf15a2227726c0c886d

SHA256
1626214f35afe956c0a8ebdc7b4e638380c0037493b72cf26560247f261101ee

SHA512
22dd7b2fa0f91f18e7a9b360be31f47d63a4c9c6c36f833a4d912820fe4620190949ca8b621bb6a6055dd99ed63223c73d4e62e52093737c0f92c5cf8324af73

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

Filesize
13KB

MD5
157965a6c2cb76316b02df1114790f34

SHA1
2c4479e2552d6c087b45d7235138f414ed03db5f

SHA256
d3ddf61791b4af4355b954e5d222f008c4576d1ffa88a15e2500daa67b95f032

SHA512
81b9d33ea1ec26f4b10a15ad1851499f7a8b59a24a4f8fc8ec89aff1da1a009fba42406c006acc6617adb1025d742f9b1dc60a5d63cb0192ec5ecedf02ab2855

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/3D1E19D09F398691ABF62061591970855193B42F

Filesize
13KB

MD5
cb4bdaaa3e0392c065d1941d78b49c41

SHA1
bb4f877f0a124965a9bb467754fa5f1bd2d5a1f3

SHA256
e3c135957c6c62231d2e7552566df13a604c85d163b564fa0e8556b26d1670c0

SHA512
cb27dd2a057874d0475c00683be52317ee58a29b27b4f7ea79edfebf2444afb416dfe911fa5387ff50111071ba20315852d544cb8d73fc5fed2647cf59ff4d69

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/8AF5D98EA49BFC5F75DBBB8CBE9CADF11B63E0F4

Filesize
165B

MD5
399db7411f8d27473804c70b250f15a2

SHA1
3e3794b3957698d0ccba9ca79467f31e4fc5eacf

SHA256
d82822dfd554003efb840f7c22afaa77fc2ba65e9eac18cac4ec66a18be26d11

SHA512
20c0d09325ec01faa3e8d20c630c5fea9c5519a29daa3e1f4d17b28a00e25d25af9c4c2af8aff303452ac8cd3e460a03dbc3b1c1b6b7ac4cb118b8e71d47022b

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/8AF5D98EA49BFC5F75DBBB8CBE9CADF11B63E0F4

Filesize
10KB

MD5
309f9ba8ce51b38ee4c92477575b3aaf

SHA1
9dd355b38ea94c768493b8c786c3d8020e6e2b7c

SHA256
f04867b7fe7f6b74feecf4106546b7134f88d201ac96bd469e8d9904c760c632

SHA512
60165990682fef1f2d690180d4874ccceccd43b6d36293725cc04a715d290eba683984b1cf6d7ca512113a8db4a3bb22e3b15d843ea0c92910d996d09e733876

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/8AF5D98EA49BFC5F75DBBB8CBE9CADF11B63E0F4

Filesize
10KB

MD5
e3e21c786399a6f952dcf49955af491d

SHA1
a9b2e700c27aa5c8b4b612cb0c1bd6b7318d812f

SHA256
b5e0f610736638832336fbd39d5d6d60ba1986c2c67abeca0cf8135a555286ac

SHA512
27b397f54b19c7349d67e49bdacdf630f44b9ca983c031f4f067bb3bbfcedce95946466ebec12903f88fc8e1c7cd95618a07341a6001edc0f1053c8797459728

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/90E321EE94230DCDBDCD2EC0B77C695A4FC21F78

Filesize
9KB

MD5
deedb0ebef2f835c43ea16970290e646

SHA1
5cd1f000a86dd08a2d5c887fc35bbafd3632ee36

SHA256
07a47db4767588a186df2c3f9fda688526f2e2a26ed33ae4ed31647bc27390b8

SHA512
aaaefbe6f2777cc5310e899953932e922b01cba83a34ad9ff7957888411e3081c50b66dc5bb84bb54448a9915060fac13c6686302060b29ef5fd72a4a8dddef9

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/90E321EE94230DCDBDCD2EC0B77C695A4FC21F78

Filesize
9KB

MD5
7a26f045b47d3c36b8bed85e4e1497ce

SHA1
9c58898bcdf5ae7d0a32a22590d6b2125213572e

SHA256
cc4a759ef6728f4262dc9a858685d274c5a8239df65f52debccbbc59c1fd98fb

SHA512
7eea7fe3c78f4519a68fdc5ab450e74cac4b595dfd3ebfe9032180c1a38f642ed028fdd6661fe15f9eef37d2400cbae95f080003c5e4b73b6dd7633e5916f586

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/CC6C475EAE41B3EF362A4CA5536F62C3BE54930C

Filesize
114B

MD5
d16573a30eee7bded7ceb6b5f65b4b7e

SHA1
8732fc3965518fa53f8ead804037f8760fb2a53a

SHA256
8ff707a49dc58127b9f3d35df15f3e4709120d118e92b7aaf1d4767d7334e2e5

SHA512
9d8ff22141127fe1d339ddd7140a59d39aed7ef71848895e82ec690258adfe732e4b764f2e1b64e30950412f2c2cd68bd7955f46e223ffa45634db51a9761fd3

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/CC6C475EAE41B3EF362A4CA5536F62C3BE54930C

Filesize
114B

MD5
9446bdb17c67bc3c304c4ad68f1228ad

SHA1
5232a8b9f8b09136b8dc549c04d05e9b12efd772

SHA256
f9b13ca715e2bdf7c97350b5597ce0d0304ae97745f791878a4fbb7bd9e68864

SHA512
a3260a00c5018e881e379958358208cfc1571fe2813ae97b6e3befbff0d6647e0d0830d8454a277430982395c7613a905a170c2f56e36380310a515c9ea5d0d5

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/D0F48A0632B6C451791F4257697E861961F06A6F

Filesize
52B

MD5
c576d9e2384ca0af6f58900581cccac9

SHA1
0e63a04985248434bb968b0d9149eca5e497e142

SHA256
592483583b0fe22629f899572567882e3a98493ab34cd37e684db85d5336cc4e

SHA512
9e1b1d2c1c16dd844fe5e90c875f280f2fa7ce78534c9b7ddcd5b042d4d1965e0cd92dbcd192a30e9d15456365342abcc8b1b0bb1e586b6b2dfd17546d884e20

Download Submit
/root/.cache/mozilla/firefox/m9kogy3z.default-release/cache2/entries/EE1AAB872F378C4FA66FBCD193AF217BF20A4E27

Filesize
115B

MD5
0eec204e7eaac1f059c4affc9b8017bb

SHA1
7c5ace6ab4690dc66e3a0c693315521218bf4fe6

SHA256
9fb6b4d5460e0b2cdbe9372d52e26a6db8cf42e850bfe51153f6f9d331ef87f4

SHA512
b15627be859ad1f396116dc5e73a2f1f5108040505a37643c2d6c820efe980bf949cbc2292801e8d1ecd2944aabf055747c57adaa047565c9db284f06142a4cb

Download Submit
/root/.dbus/session-bus/4816dd152e8c48ff97e9117d197c13d8-0

Filesize
466B

MD5
9e0da1c588c424645d9f1658adf7aead

SHA1
6aca08b729f7a8d876d4179b1eed2467d4f2fb54

SHA256
241d726009ca357e357adca67b4693578c0826fc94e694e97359b868097d68a0

SHA512
61794218996e5fad730ca664000847d23a3f147d55c02600b18b71a67ca06ea608866ca84f43c1a2318d4421dfc702826fa85771a46f34879e423f0b63ee7b67

Download Submit
/root/.mozilla/firefox/Crash Reports/InstallTime20240108143603

Filesize
10B

MD5
48bd770613bdcb14d78b5158f401d8da

SHA1
1f417767b14dcccd7de2179202fc8c7639bf77a5

SHA256
5d21b60fa230fe283472eb1a6bfe12c6ee07c2485e1b503f7ac63bb050d5cf0d

SHA512
c291c23b27e9d65272d81b51891821a17387054a55ebb4e2a3b0a89f9af314137eaba5b5bd1354dc318ef5c2ed96b15c70881d525e1bcf68da7b3c7db500ec79

Download Submit
/root/.mozilla/firefox/installs.ini

Filesize
62B

MD5
d8d25a7b519923dd143c21714daf2400

SHA1
7cc704da37f89cd5c9f045621c2e11f9f343146f

SHA256
aa89a54b2872aeb18201bfaa1489e719b697bb0185c00cb6a4b0d1fb4fbb1ee0

SHA512
1082396d251fbf2d23616ed2a9b90764891279d5f19f2dfb625faf6a247d23af03d81fde2df86cd56e96106e7ddcb20b7d54eae4685f86e28a0c816d544497ea

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/cert9.db

Filesize
224KB

MD5
539613807bdba9b7f032fe50cc07f15f

SHA1
2d736ffcb00114898e3b88d240aa9d573402c95b

SHA256
47577640f1922b7e18cf0127e212b71afe8d0dd8f7214cd6f2fbdc85f67fcd93

SHA512
4c79acbc9754629008fa380fae2ac4ee93207b2da832e319b35e2d1a7228988bc8a77fa2b2b3e381fe70fb8060c55cabfb3ee8a6a7b561e71ccb27f1297707c3

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/cert9.db

Filesize
224KB

MD5
12a6617f80348b1522dec407785e1d41

SHA1
802499cb8a3e089e74dc363d7e31c0e0a935586e

SHA256
355c6676e6f4e7e7017dce211f069c86334856c4a8e18682e69033399c1d4bcf

SHA512
6fdbaad252d067e54282c5d2d2972a3b3a3d9ff225f454a13eed66bfe2375ba9818c2fd62c244c0e33022d9e98bffa27a4bf342084e4c72e5e0fdc1578fa06e2

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/cert9.db

Filesize
224KB

MD5
c27ac0625ff473c45ffc70cfa2d1c4b7

SHA1
0852c2ef3438d56df707e875252b6246df3daccf

SHA256
696b668967d68042edb2ead7dec3770f3a0c44fb3b22d56a5f7a810e25b9540d

SHA512
813d8dab8a5f17c9205e2af8fc0ff2e31505bc58b1eb5797a3977fffd2d9f9a5e147e2f2f0a8de299dd4a034a7cc62196c2a436b7582f2b2500218fb0b15a0bf

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/compatibility.ini

Filesize
163B

MD5
2d41a6f5736821b90ef44850dd3873fe

SHA1
a47c4bc1431234a5b58e460ede5b571acd38e562

SHA256
b4bf5c8334f6db20ae94105141ae7a721342ddccd94ec65289dc291e76a31814

SHA512
047a1455211e7aa29ef5f32f07c89d8a0c8d86d871bc664e4d8958a2a014dbe32f0613cd9eb66e7307c0e2439f74ca0b829652a52fa48e8c60d64b41f69914eb

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/content-prefs.sqlite

Filesize
32KB

MD5
1c7386dfc5a5d7f2aa06cdf1e2b280a9

SHA1
71fd6c476cca7d5aaaa79f1c535346b6de20a448

SHA256
f2793a25bb1c364f2589a7b541a5873f8e5e192ff39c1fcefd786e1c23f1c5c8

SHA512
378d36bf3054ffb7b664bcb4d0e38b546b684ce4436c247674ccf621ec2f9951cca73f55e4c1f496a37061ade6065fd315878aa65d2d38c09f8f6a0cb768d978

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/cookies.sqlite

Filesize
96KB

MD5
26ff39b359947b71a5fadd950fac34f0

SHA1
66e5830e4dca79225f41adc13a077d8e5dd8084b

SHA256
aecbaf3e1df1332d4f14a11480db712eb4aa91581eb4e942c580bf675f592a45

SHA512
7fae7b9ff4362e12f00acdc898f6f679718bdd28dc959684333086de7bacd162338dc266810f9f3f6dfa3dc228291efd6bb325e2e8573ca0e6a699059a145f11

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/cookies.sqlite

Filesize
96KB

MD5
102a8b6e82208a1b69224bdca8a5b10f

SHA1
8413dc3772127c4159e6d6b51372990a06b805ee

SHA256
5ebf89b32937916a76a8432832040cf0f6b99c2f006cc42f856712d403ec182c

SHA512
49c5c27c6749a7a73b4b944eea64ceb053a272619e6319bfd433ffbe126c8fbccc110961018165a4c7de781a86cf38d2bd9e52ec71b10bc73c9fd05fe841a46c

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/favicons.sqlite

Filesize
224KB

MD5
aff3f84fda6516b87050f171d68531ea

SHA1
6b82d182412601c057bfc591cc6b9a8932c84c73

SHA256
5203714a71df85f81969a193cac50befa4b1e70841b9b2d3ea348d3b99657172

SHA512
aacbaa66d86f8b3f299cead818a0883bb900588da822148b4ac7543a0fa4ee399c14a69534ae55bfd0e7b18630b93f04e0e0174b7d586e0d536c20760b5d65d8

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/key4.db

Filesize
288KB

MD5
9ccb86714a67c0be3b6260ea313271cc

SHA1
3f1f98669059d3aa9c02ebe60b290aa1c57a3798

SHA256
cd6ec7c10ea4e30ec040a725ce7cd65991e04037fbf9ae270133c775fd0486da

SHA512
5e4a9e51f10fb85d08d9e3a63ff88123606b80bb66f36567aa3ee298a3cc50a91a7b368c3f2439de664ca266b6be2fb5374a95ec6d1f9168c410450d8f35c3c7

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/permissions.sqlite

Filesize
96KB

MD5
c470670c0ee9949e270efb5971202bd5

SHA1
b224835ca27480de18784e4b10bdd6ea44bfdf02

SHA256
6b745a5697c659001c0cccf0bef10d7f915a2be35513e47245940ed8c20f45ff

SHA512
0d85b13c589eae59736da22a1eea28b27816bc54b6b204fc6f5800b1867f9dd4e992cbf206a6a8d9abae3946bf37dced17309f45e14b60f5cde32b11f19fd755

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/places.sqlite

Filesize
1.4MB

MD5
63d8bd277838d3944cbd171cb6c7a6cc

SHA1
ccdc224d4750b55eafc384b5424e0894ad4ee162

SHA256
97bd5ab7ca5913ded26c87e8bdab9a47a20eb6866fc0b6a824b140c723925cf4

SHA512
835e58c11a1cdafb5f8db9d675af59734e92dac79879d22eae7c17656626ec0dbcb5248eaf269596df72ea7343ba795dfbda6a48fad523acce205f02e7e4e586

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
1KB

MD5
30659b3cefc3a0e08296addb2f11c345

SHA1
89fa5ad38b06e75ca3b6a8222bc458997683e9de

SHA256
5ace62db017e665c7122f64916b874b9350e25131e59a29422e46538627a750c

SHA512
004b6f1fe3ce7d39e7292327a09bf4348a1b97c88f7941b3ec46c24f2bff1c11fbce54e3aee91d629d56849713d7d7b68d1e402605f4897eb36cbe9ee4b9909c

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
1KB

MD5
116aa6d3fb0466c4e4e0a9ff7275329f

SHA1
7416298f557264a35f02febfaf16b3bf9a37cbc9

SHA256
e3bca519eae383a43fe923d9f0d8c330c1ddd57c55dbed3c9927ffdd71796f93

SHA512
3028a8720e4484ab72058fd8d49a3a299ab30483c07d4fcd68323562e1e0c8b5b211d078825f206ac534922782948ce8421bc349bb134258a4b25aa131d3e4bb

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
2KB

MD5
7f34d5a18c460ecc54de07b956da1d43

SHA1
347cc7df8ca9e7bce02ccae100677f32e178e970

SHA256
8089ce0457a07f227358d6493776f80b749a9f5380a1ad449131245bcd88cba6

SHA512
19ea8c7bbc23f0ab2b878a81d75c4dc66789359bc96a37f1abf7b6c074f6f799ad9fbd5c8d993934b5bcbc6056e531c738753a1375320dd2d12a62fba68efe09

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
2KB

MD5
d723e135c7807fc8b947ab6adbb5493b

SHA1
0d481afeff1dbb23cf00d3dc685e69c49cd61dcb

SHA256
b1e0bbc04efa321617b0e749a67f9911dd7184120eea36fea66c67840d04ff89

SHA512
1df65f8b6a21fc4d5e317af60e34892108dc5bd90d04288c34fcd30c423a528bb6350ede3af9274736de3075fec4a1e98a068bf0a6b3de71979657bcea571831

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
2KB

MD5
69021e3c033a7ffd786d45b11780421a

SHA1
544ca9949988716ac1d2eadd3d96fe2e981efecb

SHA256
e3c780fcc4a8400352cd00e731043202744e5559d8cc3b0507050ec503162c6e

SHA512
e3cecc100575be9f6ee662b439f3b892cd85509108b4a6c3eb8d70c87220e52a9f8c5d9ebbffaf653feb475d47a7ca59f9d3cb2a938443efa6956ecee16837d2

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
2KB

MD5
3f0b1091c642ca20e04ba8ff4ce76ed9

SHA1
6cca1cb4cde35d9d8fb253c49d1d23b8c6cb6f53

SHA256
252af3a3d31e437170804e13e01fb591984fdf06f95ca5ea2227b76e9383c5b2

SHA512
0688bba0b086f3054cfb008952c9ccef4202d7a61c0e91be87745de733dc1bd7608f71573c93e56c55aafd15b03075bac712d01e554ff4d61682936f2b5cde3f

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
3KB

MD5
387a68f9229aea22f4b4cd997f15e3f9

SHA1
d12c84fe3e8e22a91e4d97a8e6e1333c9867c5a5

SHA256
8569b4a5c2bddba40bda34db1012d1610f09d013d238a323dfe3c4f910c0a61c

SHA512
0099e999e267696bd1f7e62beb4245d9e107956589b5544553c5945599b9d2eb84eebecea5784f4f82c05fbcd24f9fef129f027a118de5f9b3d672c74d7d07b0

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
4KB

MD5
1c7dbae6eb2194fdb645563e848e86e7

SHA1
5299ba641532924544d85e9b4b375685406924ec

SHA256
8c97a290d027f5ed81efc94b078d493cd9724a59293a5729fabee374bb8722a5

SHA512
6c4d9ea4506a46a13b1f23d63847bf02a9cc0020569ffd63bc7adc8e6da4f198561eb9772a076b1d7ce5ce4693d46ced9579cfc0a39f0ce3b7182f1bd527d53a

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs-1.js

Filesize
4KB

MD5
2e4a1ce5e482a6287e2a56c3cbfe25e8

SHA1
33c4a37c0d9f1bbdfa1c0a3f483a71e94d9dcafa

SHA256
1b20342cd0e946811683f7ef5349b8d65bddf27cf7b242b7673917348d646197

SHA512
a9cdbc7cd18a3854b0ae60848896dea1cf6039863b4a9f2273bdba871502b1807b3ea9bdb5211a3d6242c3ab602ebb1ef810e837ff493bd8eec2271a78ec3d76

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/prefs.js

Filesize
776B

MD5
fb24bedf2a26e61c8307449d7cd7fadf

SHA1
f7a45e685f5494925ab22a83912b8d0c75af4615

SHA256
bc432db2a4ac852886ba6034b4b0aa99cbbb63d552892ceee0e408a7f4c93a6f

SHA512
a5db43d7bb0fe38e8ef2c9fc528b2828ad6858985f6b2de7e2f970e5d22512a4758a270c8abe98093d9cd4a9e9723ebb79c23714ff523d1a62de8f25b29a7bc4

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/ls-archive.sqlite

Filesize
96KB

MD5
e1121e3dd3c8a9c384f879bdddcff219

SHA1
625f25a1a5ff8527ab3105636fa7aecb9affd234

SHA256
766b9f50254b4e5526b0cde2911512956262596d8937f8630805d3c70802a066

SHA512
03e1cee2e75b2b609b8344a40995de09de837e940d2012f2fea65d9c70eecbcd3345b66b852f32211b38b06a4370f06f02ca7521e29e7113e2e12a6a7752be31

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/ls-archive.sqlite

Filesize
128KB

MD5
0d2b18bbf091633c4fe1ebdd197dfa15

SHA1
c150dc37042d92d30efed6cbc1b536eb66ec1a3e

SHA256
fe63ee867e0f229a0bcc48b771afeec394c362ac6d0c2bd6907c7202097bd228

SHA512
59d202bfaf236bdcfc05a3e148a773d15a3bdff23be26fb2cbfd059fee6c4a516c7a59de0a3bc97df1419c34464e1346354979ddda1062101121522f22d8156d

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/.metadata-v2-tmp

Filesize
36B

MD5
9d84e3e56c7c2677fac94f428156dcc9

SHA1
8c71a3bc353aab7deba730a889e30689ebe878d8

SHA256
7d183828198dfa9a9365a519ceefc74b7f4923db0fd5a94a1c327eddcddc4073

SHA512
a3a7def1bb69879b59f992607fb46e4ef8cb9e2402758af659d6acde835ac539db4249e7639172e31deee167b104b5becd18569bb21762b97f994cc778ec2170

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

Filesize
44KB

MD5
488403dd59d861961dbf2e5317cc6e55

SHA1
bcb13cf819bdc370762237a075f14a9be0728a50

SHA256
8645149962df6c816291521b6cb45e9acf79da6bdc3a727ba00c71eb720de4ef

SHA512
4e60bc58fdc1ffe3662b83fc9af3e0ec5af90eeb25da8e60a70717e3588676e135f6cc5a8d57a37c2cd2ce3a3661e665e2688d00799dd834945d5f0964750805

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

Filesize
12KB

MD5
00fed1919c1d92c180ef3556f1f27797

SHA1
99f4a8b6115257dc13ce38744346b748037f7a5c

SHA256
df7374b0d93c0e0e9a84a33e54096d99d7e3aa380859251b189873bb62627f87

SHA512
f9425709ba6eeb41188339f9522e3a95a7bbc6d3b24f132f047d50c3bba56808199c2b1f2db25b4982dee6939d9673ea5f28ea0d83174cc0820fe24842988015

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/1451318868ntouromlalnodry--epcr.sqlite

Filesize
16KB

MD5
de561cb90dac4e8daedc0c04ec09e6b0

SHA1
1671a2a37d890947dad85e187c37a5b46b24d838

SHA256
0238e07b4096bb84de62d19fc4c75cb36d0f317baaf3281afa6b32f0266f9ac3

SHA512
285a23b07783a073d1cd2c1b90b67722bbe47a4451a56feacfa2ea427abcb280b751118047a7f3351de2521030ba6d2c43b38fda72a6aa4a16e6163285800fc2

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

Filesize
44KB

MD5
f1cd629017b1fe58fc80953ebd4754b6

SHA1
01e02178484458797c2b682325b26b2633fe8466

SHA256
81bf3da297b9ee8270bea383d9479cd7951e35f552361230358e3a35e1f44567

SHA512
afb775074af046014236a312865a1811de3bfb97f8df057541401867140fcc236259ab237712a7d3bc012ff84cf90330e4e122374cd09c194c4c145f575fb95a

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

Filesize
12KB

MD5
419460a11abe7bd9eef9408e16b7fd02

SHA1
7ad3e9b9326d6b9fb5c4a16ed6f318177999ed35

SHA256
b86fba59d99316c50e93eb65570c04b09915b1fcf65f5f11027c7fc56dcf200e

SHA512
48e1f3118263b170d3227c64a08938fa09c0e5db0ac0c92bb3e3f7984a82376cc1f537f662501cd408129830be36d935043d24cf30f0779076fb4af261008566

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/1657114595AmcateirvtiSty.sqlite

Filesize
16KB

MD5
a05011595baed77d64dde6371dbfece8

SHA1
012483265af24c5fbb78728270579ed7bf26cfcf

SHA256
f972023f4d973928f58fdbfa0ccf83694522459e3f4d4646199aa7ca9c590832

SHA512
7ba4f388165b378dfb369d3263af3ca2a9fa77ed0f8d8a8c7dea2ba91c079ac146db785c513821409d809ffff1f0ae9d8efe67ec70ad5a021a3a0f3dfa111d7d

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

Filesize
44KB

MD5
1ea539584c41fd171d307fb9e740d499

SHA1
de3d1a3d6a0173bcd30c89f148cd732d0ae614eb

SHA256
aaa3461e12a1343eb5803894e1ef6894014b75b26ef264f29ece30b1cea3aa83

SHA512
22b145864127c0f223522016c6ba0a67e06a36aeba135e546f4d77000f436d5060064eb988b7aafdb451e39f70d0afd20313d15507dd531234ac25d60e9d935c

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

Filesize
12KB

MD5
fc33bb961db52a9a3b568b065a3f6f01

SHA1
5b146d9adac6a784b8e504a8e1d2e56f89b5e34b

SHA256
7c44a30d57c48e5ff6dfe24d6813e171403f38c08cf70468e1fd3baef5caf711

SHA512
0b024a2d7ddfb2da99c49472fad8200e365fe627f2c31c095e5b8bdc1451114a825b35dcd8fdf3990157744794514540eb737c1361f4b99f8a482cfa8adfe74d

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3561288849sdhlie.sqlite

Filesize
16KB

MD5
879b510c330fc948d40735834f7c4494

SHA1
ca1043a36548747020c057bca1f4551751a54946

SHA256
bdab6ea7ce1029c4c80fbdeff25f68fe4ca61928221350378337b40ae813ab5b

SHA512
6b6048363d0a498d3324174293e5a4f4817087b5996e6af9efaa49db14122e3638069b3f6bb1aaded97c14d209d89b0402beb4000647eaf3060b948ab629324e

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

Filesize
44KB

MD5
225fe36c4bb990de9670b27368d655a2

SHA1
1dc382bec9af9b4bd0308dea1908ab6933834828

SHA256
2185235a458ef8924a1370bb956dd1d65d1f7bbffda08289275e072b65d5d1db

SHA512
11eb31a930a336c13869b0d385df555d7fba32ecea26bf513398dca2a35439643b0896a94c4696ffb439eef18b7f85982155dd12beddef784fe4ed1e86d2d1c2

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

Filesize
12KB

MD5
894add01373e3e447fec55eead42a6b2

SHA1
1d44775445bc0485f43a50665fb9020e2591fdbf

SHA256
48bce0454362e5c4c3113a4b991aa9dd9fee8379147be279ccfdd5dec42efc2c

SHA512
e57a1f3154ad5a72b7e467e2352a2ce3fd110da3daa2da7bd8b233bb4f202ee3106f673a491ca4bbd44bef9c754b65e4f26d6eaa9e536114c406cccd64e4c604

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

Filesize
156KB

MD5
fe566084e7aee7228c051e9efa8d9fc5

SHA1
0eda1f466117825221d6b9d202ada593a809cf92

SHA256
07bf8fe1f4bce14048ed3d6c1ccb4e7762ec97581911bc7a4abb1f5227e618f3

SHA512
c2da8adcbf3f861db9852a2b7d33bde8bc676f239fcee278d8b9bbe9a952ba1b0df23f0507d1058134499e855cf16900183e4d4a95221fb9a07c63a64b0bbed2

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

Filesize
140KB

MD5
4d8d479a813d71dd277a4f70c69abbbe

SHA1
ef9c661bcea2bde5cb8ab2214569a9747ef23727

SHA256
3edddef72879f4feb1a71b58572834a75fda486369a90125e59f422eb4a1db68

SHA512
7c12377f61f60201f7a538a116998b3dbabf990abe786c7845c55678f7615657fec536ee91d18e7dd1d283e55d2e7731c16fedb11f4b9175dddc8ccdc1d421c4

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/storage/permanent/chrome/idb/3870112724rsegmnoittet-es.sqlite

Filesize
116KB

MD5
bbe9e4471c97fb1b270eb793922a00e8

SHA1
a1da47669a2b512be64ba97e8bbd587887d2c24f

SHA256
dedbbbca17668696789b6525ec93fadbb5731e96df326c7d84ce355fe0ca1bac

SHA512
1df28b24c05bd0931c3fab72bf6283d4a4df4253bd28060bf9abaf8fa0b9fd91e7790c28d7972287ac82a1bf04eecd3fab8acdaa26dfd394b3493280c7474f1d

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/times.json

Filesize
50B

MD5
100b88b11948fad6b9d7003b1e6268cd

SHA1
5dc0c73c77c36d9ebf29c6cabb6e54c1184960cb

SHA256
592993c2ea85e8d4961f32786cbae03f999ed2b8bb093c64787a462b5d252da8

SHA512
a369abd8bf42d87dc88ffe1918462ae7ee2044cf44caa919a9d10ae93b38db38811e884dded7bc836e20fd976585e45d3202de8670a431c081b99bb591e32eb4

Download Submit
/root/.mozilla/firefox/m9kogy3z.default-release/times.json

Filesize
47B

MD5
6aa15138bfef49a8d78a709dce7cc5ae

SHA1
dec55e4cf8bf7a98a8d770bc1d7599650e5f6f5c

SHA256
423e68f6e2a725ac12b5f3891fd212ebb072c47dc18e10e68c60db16abbfdf46

SHA512
a22e7b98efbd65c3dc2fe26be47f40e7aa37928889d1259b8e99d6dbc099a4c6a5d5cbd8cc65bc4b4814cb60b2b31435851bbc4039b258d5242ac51187c551fc

Download Submit
/root/.mozilla/firefox/o4lzdj1a.default/times.json

Filesize
47B

MD5
a07cc8cdaacbed959cd6e4d9a4f79b96

SHA1
a6c7279b5e531ddc66df09fae75e9d0fb0dc6c3d

SHA256
dd04f38c8d1a91e9ccec738dccb50e227baab2b2c07e5446edf830f8c004130a

SHA512
468e2c63531bffcc7a3a448dc27978bc5ed55c6fd0c08701b5448b658b206035cd574e52f091549444cfa3c5db943bc1f4dd947af01c4244ce6ee8f3488ce8c0

Download Submit
/root/.mozilla/firefox/profiles.ini

Filesize
259B

MD5
31f004cdbfd871d28a14d771160c1eb6

SHA1
6b48f0c4bc6e34092a4e38a7615b6cde5f6455d1

SHA256
cd6f3498e2ff79743a75d28e9694fb660cc18c8f3cd15b73f1dc4b3b8af57334

SHA512
09c5a09061ed106b17ab8ad3c3de7ca36b94ca8f4ce4aeca59a21bdefac0aea5453b72459b0206d4775ee5b227c82ea65329c94b396bf6e55212c99581572d15

Download Submit